this post was submitted on 01 Dec 2024
76 points (95.2% liked)

Showerthoughts

[–] [email protected] 49 points 2 days ago (4 children)

That would be too obvious and thus ineffective. In reality it is more likely that they have inserted bugs into various open source software covertly, like we saw with xz.

[–] Hugin 2 points 1 day ago

There was at least one attempt. Back before git the linux kernel was in 1 central repo. There was also a backup repo. It was compromised with a very clever backdoor.

The backdoor was caught but only because it didn't have a reference to the mainline repo.

if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) retval = -EINVAL;

Note the user uid is being set (=) to root instead of being checked (==) for root.

The full story.

https://freedom-to-tinker.com/2013/10/09/the-linux-backdoor-attempt-of-2003/
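The effect of the quoted line, shown next to the comparison it imitates. This is an added example, not part of the thread and not kernel code; `struct task`, the `X_WCLONE`/`X_WALL` constants and both function names are constructed stand-ins.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed stand-ins for the kernel's flag bits and task structure. */
#define X_WCLONE 0x80000000u
#define X_WALL   0x40000000u

struct task { unsigned int uid; };

/* Condition as quoted in the comment: '=' stores 0 into uid. The value of
 * the assignment expression is 0, so the && is false and the -EINVAL branch
 * is never taken; the only observable effect is the changed uid. */
static int check_backdoored(struct task *current, unsigned int options)
{
    int retval = 0;
    if ((options == (X_WCLONE | X_WALL)) && (current->uid = 0))
        retval = -EINVAL;
    return retval;
}

/* What the line appears to do at a glance: compare uid, never modify it. */
static int check_compare(struct task *current, unsigned int options)
{
    int retval = 0;
    if ((options == (X_WCLONE | X_WALL)) && (current->uid == 0))
        retval = -EINVAL;
    return retval;
}

int main(void)
{
    struct task a = { 1000 }, b = { 1000 }, c = { 1000 };
    int ra = check_backdoored(&a, X_WCLONE | X_WALL);
    int rb = check_compare(&b, X_WCLONE | X_WALL);
    int rc = check_backdoored(&c, X_WALL); /* other flags: && short-circuits */

    printf("assignment, both flags: retval=%d uid=%u\n", ra, a.uid);
    printf("comparison, both flags: retval=%d uid=%u\n", rb, b.uid);
    printf("assignment, one flag:   retval=%d uid=%u\n", rc, c.uid);
    return 0;
}
```

The assignment sits inside its own pair of parentheses, which is the form GCC's `-Wparentheses` accepts without a warning, so a review rule or linter that flags any assignment inside a condition is the more reliable check.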

[–] x00z 7 points 2 days ago (1 children)

Looking at leaks of the past, it's probably more likely that they have an arsenal of bug exploits instead of backdoors when it comes to opensource stuff.

[–] [email protected] 2 points 2 days ago

Yeah actually that makes more sense than what I originally said. The US is one of the main buyers of gray-market zero day bugs, way cheaper and less risk than trying to covertly implement bugs.

[–] habitualTartare 19 points 2 days ago

More likely it's probably a non-free repository that many people choose to use like an Intel driver or something.

[–] [email protected] 3 points 2 days ago

Exactly. You have to put yourself in the perpetrator's mindset

[–] [email protected] 22 points 2 days ago (1 children)

Why would they bother with the 1% of 4% of Linux users that use their single distro, they'd be better off targeting windows or mobile users.

[–] horse_battery_staple 18 points 2 days ago* (last edited 2 days ago) (1 children)

Cloud servers run Linux. Also the NSA made the de facto secured kernel for enterprise Linux

https://www.redhat.com/en/topics/linux/what-is-selinux

[–] [email protected] 1 points 2 days ago* (last edited 2 days ago) (1 children)

Sure, but it's still not a lot of users to target a single distro, even if it's the biggest one.

[–] horse_battery_staple 6 points 2 days ago (1 children)

All your metadata is on cloud servers. Your smartphone calls back to cloud servers. Lemmy is hosted on linux. It's not desktop OS that any state actor would target.

[–] [email protected] 1 points 2 days ago* (last edited 2 days ago) (1 children)

I guess I'd be less skeptical if they didn't already have access to so much more data than any one distro would give them, even if it was running all the fucking servers you mentioned. You even pointed out that they have SELinux so why would they need to make any distros?

[–] horse_battery_staple -1 points 2 days ago* (last edited 2 days ago)

You and I agree that there's no reason for the NSA to backdoor an OS. It's actually in their best interests to have a secured linux OS, and just buy/collect the metadata they want.

https://www.cnn.com/2024/01/26/tech/the-nsa-buys-americans-internet-data-newly-released-documents-show/index.html

[–] nothingcorporate 10 points 2 days ago

Yeah, it's called Windows.

Heyo!

[–] slazer2au 16 points 2 days ago (1 children)

No doubt, but why limit it to a single distro family when you can backdoor the kernel or a package 90% of people use?

[–] jqubed 8 points 2 days ago (1 children)

Not just the NSA, that kind of reach is accessible to a lot more governments! I’m pretty sure I read a story about that exact tactic earlier this year that looked like it was coming from China. Maybe no way to know for sure who’s actually behind it, but I would expect any government that has interests in spying on other nations is trying to play that game.

[–] foggy 5 points 2 days ago

It was almost catastrophic.

quick explanation

Much better explanation

[–] JubilantJaguar 10 points 2 days ago

Let's not be unduly pessimistic. Some basic rules continue to apply. By its nature, open-source software is always going to be a pretty solid guarantee against mass surveillance. If a lot of users are affected, the backdoor is going to be discovered and closed pretty quickly. That leaves the problem of individualized surveillance, where exploits are used against high-value targets. But these are by definition expensive. This fact constitutes a kind of protection for everybody else. That's the way I see it.

[–] [email protected] 8 points 2 days ago

more than one, more likely.

[–] saltesc 4 points 2 days ago (1 children)

It's Arch.

Think of the kind of people that use it and the shit they say and do. Now wonder what they do alone.

It's definitely Arch and the target demographic has gobbled it up none the wiser.

[–] horse_battery_staple 1 points 2 days ago

Is this a joke?

[–] [email protected] 7 points 2 days ago

Probably Kali.